Configure Trunks and Access Ports on Juniper Devices
Рет қаралды 10,719
2 жыл бұрынThis video is a demonstration of how to configure trunk and access ports on the different Junos platforms (MX/QFX/EX/SRX).
Attached below is a link to Junipers official documentation for how to configure VLANs and Trunking on EX & QFX series platforms.
supportportal.juniper.net/s/a...
@mranger4232 Жыл бұрын
Quick question, can you combine both the interface-mode command and the vlan members into 1 set command? IE: set interfaces ge-0/0/0 unit 0 family ethernet-switching interface-mode access vlan members VLAN2-LAN vs 2 separate commands of: set interfaces ge-0/0/0 unit 0 family ethernet-switching interface-mode access and then set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members VLAN2-LAN
@jongreenit Жыл бұрын
They most certainly can. Theses commands be entered in one fell swoop, I just tend to break them up to make them easier to see in the videos.
@1999Zahra Жыл бұрын
@@jongreenit When sitting at the table: "Hi, can somebody pass me the butter please?" Somebody at the table answers "yes, somebody certainly can".... Now what seems to be the trouble in this kind of communication?
@samflores-portillo4182 6 ай бұрын
hey (newbie here), your demonstration shows you configured a trunk vlan across the vMX to qFX, would it still been possible the same interfaces had a static route already setup? I
@jongreenit 6 ай бұрын
no worries and thanks for the question. Yes this is possible. it's important to note that vlans operate at layer 2 where as routing would take place at layer 3. Whether or not it would work depends on how the setup is configured. The static route would be configured on physical interface connecting from the vMX to the vQFX since that link is configured as a layer 2 trunk. Instead the static route would like be pointing to the l3 address of the irb interfaces.
@CheekyMiner Ай бұрын
Fantastic instruction Jon. I have a question, I am tasked with setting up a high availability firewall and with only one WAN I wanted to create 3 ports on Juniper switch that allows the 2 WANS from the firewalls to plug into the Juniper along with the actual ISP WAN. Based on your videos I have created VLAN on 3 ports, that is completed, the configuration I was referencing they setup a different manufacturers switch and what they did on their switch is add Ingress filtering to those 3 vlanned ports. How is this completed on a Juniper, I can't really find any information on this. Any idea, thanks.
@jongreenit Ай бұрын
Glad to hear you found the vid helpful! I take it you're referring to ACLs applied in the ingress direction on interfaces. ACLs on Juniper are referred to as firewall filters. See a walkthrough covered in the video below: kzfaq.info/get/bejne/la-egK57xLSWen0.htmlsi=yQTVjCsBa_WNVpdD
@CheekyMiner Ай бұрын
@@jongreenit Thanks Jon, I will have a look , appreciate it.
@3err0 Жыл бұрын
why do you use .0 and not .10? ( g0/0/3.0 ) ? tnx
@jongreenit Жыл бұрын
I did this mainly to keep the configuration simple and easy to follow, however, you can use a different logical unit to match your vlan configuration
@haikalnendi2314 2 ай бұрын
may i know, what the app used to make a topoloy?
@jongreenit 2 ай бұрын
Hi, the platform used in the videos is an network emulation platform called "EVE-NG"
@haikalnendi2314 2 ай бұрын
how to download the app
@haikalnendi2314 2 ай бұрын
@@jongreenit please to make a tutorial, from install to be a topology has configured…big thanks i will apreciate it
@benboutakader2251 Жыл бұрын
hi thanks for this lab, is it working if we use mx-mx ?
@jongreenit Жыл бұрын
Hi Benbouta, yes mx to mx (bridge domains) work exactly the same - just wanted to demonstrate the config differences on both platforms for this video
@benboutakader2251 Жыл бұрын
@@jongreenit but id doesn't work for me
@jongreenit Жыл бұрын
@@benboutakader2251 are the interfaces able to ping when directly connected with IP addresses?
@benboutakader2251 Жыл бұрын
@@jongreenit yes,
@jongreenit Жыл бұрын
@@benboutakader2251 physical or virtual equipment?
@erlonsilva3396 6 ай бұрын
Hello friend! I know two other ways to configure the vlan trunk, however, I would like to know what the differences are between them? 1. set interfaces ge-0/0/1 vlan-tagging encapsulation extended-vlan-bridge unit 0 vlan-id 100 set bridge-domains vMX interface ge-0/0/1.0 2. set interfaces ge-0/0/1 encapsulation ethernet-bridge unit 0 set bridge-domains vMX vlan-id 100 interface ge-0/0/1.0 Here was your configuration that I learned: 3. set interfaces ge-0/0/1.0 family bridge interface-mode trunk vlan-id-list 100 set bridge-domains vMX vlan-id 100 Thanks!
@jongreenit 6 ай бұрын
Hey, so the difference is the style in which they are configured. #1-2 both use service provider style vlan configuration whereas #3 utilizes enterprise style vlan configuration. While configured differently, vlan trunking still works the same: supportportal.juniper.net/s/article/MX-Example-Interface-Bridge-Configuration-Enterprise-vs-Service-Provider-Style?language=en_US
@mrrtee1343 Жыл бұрын
Hi boss, can I have image for eve-ng?
@jongreenit Жыл бұрын
Hi, the images I use in the videos are free. Checkout the steps I outlined here: kzfaq.info/get/bejne/g82eoauQutrdpqM.html
@jongreenit Жыл бұрын
When you create your free account ensure you select "evaluation mode access." this will give you the permission required the free images available on their websites.
@mrrtee1343 Жыл бұрын
@@jongreenit I tried but my account not certifies, and i tried to contact support but no response
@jongreenit Жыл бұрын
My brother ran into this issue before as well he ended up using a different email address to create a new account with the correct permissions
@mrrtee1343 Жыл бұрын
@@jongreenit I tried with work email as well but did not work. Hope u can share me
@1999Zahra Жыл бұрын
Why can't we configure the "trunk" mode on the physical interface "xe-0/0/0"... Why is it defined on a logical interface within? What is the mode of the physical interface if you define an access or trunk mode on a logical (sub) -interface? Now, I do understand to assign a VLAN to subinterface of any given trunk port, since every VLAN has it's own broadcatsdomain. But since the VLAN assignment on the logical subinterface is hierarchically under the trunk port setting, it is quite confusing when a trunk mode is already set on a subinterface. This is confusing. That would imply that since the logical subinterface is in trunk mode and trunks can hold multiple VLANs, VLANs should be assigned to another logical deeper level.... And this becomes absurd ofcourse...
@jongreenit Жыл бұрын
While the interface-mode trunk statement informs the interface that it is a trunk, the "set vlan members" statement specifies which specific vlans are allowed to be carried across this particular trunk link. Hope this helps.
@1999Zahra Жыл бұрын
@@jongreenit but which interface is defined as 'trunk' in de juniper world? The physical or the logical? That's the core of my question.
@jongreenit Жыл бұрын
@@1999Zahra Juniper interfaces are often broken down into two parts. The physical interface ex. ge-0/0/0 and the logical unit ex. ge-0/0/0.0 - under the phsical interface itself you can change settings like the speed, duplex, etc. However under the logical interface you specify how you can specify how you want this interface to behave (ip address, layer 2 port, access, trunk, etc.)
@1999Zahra Жыл бұрын
If you define a logical interface ge-0/0/0.0 as trunk, how can you than define THIS trunk to hold multiple vlans as a member??? And even more, since you'd define an IP address to a defined logical interface that might serve as a gateway, how than to specify for each VLAN another gateway? You see, something is very unlogical in the interfaces hierarchy of juniper.
@jongreenit Жыл бұрын
@@1999Zahra An interface can either be a layer 2 or layer 3 interface. If you're attempting to configure a gateway ip address for multiple vlans, this can be accomplished by using irb.interfaces and associating them with the appropriate vlans.
What the Meowk!
Рет қаралды 4 МЛН
ComputerNetworkingNotes
Рет қаралды 4 М.
GREAT SPACEX
Рет қаралды 49 М.
Network Direction
Рет қаралды 10 М.
Lame Average Techies
Рет қаралды 19 М.
Lame Average Techies
Рет қаралды 21 М.